Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers

Mandiant discovered custom TinyShell backdoors on Juniper Networks’ Junos OS routers, attributed to the China-nexus espionage group UNC3886. The attacks affected routers running end-of-life (EOL) hardware and software. More: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers


Analyzing Elysium, a Variant of the Ghost (Cring) Ransomware Family

A new ransomware variant, Elysium, linked to the Ghost ransomware family, has been targeting critical infrastructure, healthcare, and government sectors by exploiting vulnerabilities in outdated applications. Read here: https://www.netskope.com/blog/analyzing-elysium-a-variant-of-the-ghost-cring-ransomware-family


New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

Microsoft has discovered a new variant of XCSSET, a sophisticated modular malware that targets macOS. It has enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies. Ref: https://www.microsoft.com/en-us/security/blog/2025/03/11/new-xcsset-malware-adds-new-obfuscation-persistence-techniques-to-infect-xcode-projects/
